A Gift of Fire Third edition Sara Baase Chapter 2: Privacy Slides prepared by Cyndi Chie and Sarah Frye
"Big Brother is Watching You" Databases: Government Accountability Office (GAO) - monitors government's privacy policies Data mining and computer matching to fight terrorism
"Big Brother is Watching You" (cont.) The Fourth Amendment, Expectation of Privacy and Surveillance Technologies: Weakening the Fourth Amendment Supreme Court decisions and expectation of privacy Modern surveillance techniques are redefining expectation of privacy
"Big Brother is Watching You" (cont.) The Fourth Amendment, Expectation of Privacy and Surveillance Technologies (cont.): The USA Patriot Act and national security letters No court order or court oversight needed 2003-2005 report found "widespread and serious misuse" of the FBIs national security letter authorities
"Big Brother is Watching You" (cont.) Video Surveillance: Security cameras Increased security Decreased privacy
What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications
Privacy and Computer Technology Key Aspects of Privacy: Freedom from intrusion (being left alone) Control of information about oneself Freedom from surveillance (being tracked, followed, watched)
Privacy and Computer Technology (cont.) New Technology, New Risks: Government and private databases Sophisticated tools for surveillance and data analysis Vulnerability of data
Privacy and Computer Technology (cont.) Terminology: Invisible information gathering - collection of personal information about someone without the person’s knowledge Secondary use - use of personal information for a purpose other than the one it was provided for
Privacy and Computer Technology (cont.) Terminology (cont.): Data mining - searching and analyzing masses of data to find patterns and develop new information or knowledge Computer matching - combining and comparing information from different databases (using social security number, for example, to match records)
Privacy and Computer Technology (cont.) Terminology (cont.): Computer profiling - analyzing data in computer files to determine characteristics of people most likely to engage in certain behavior
Privacy and Computer Technology (cont.) Principles for Data Collection and Use: Informed consent Opt-in and opt-out policies Fair Information Principles (or Practices) Data retention
Diverse Privacy Topics Marketing, Personalization and Consumer Dossiers: Targeted marketing Data mining Paying for consumer information Data firms and consumer profiles Credit records
Diverse Privacy Topics (cont.) Location Tracking: Global Positioning Systems (GPS) -computer or communication services that know exactly where a person is at a particular time Cell phones and other devices are used for location tracking Pros and cons
Diverse Privacy Topics (cont.) Stolen and Lost Data: Hackers Physical theft (laptops, thumb-drives, etc.) Requesting information under false pretenses Bribery of employees who have access Except for hackers, these are not new to computer technology. Before computers, files were stolen, receipts were stolen, information was requested under false pretenses and employees were bribed. But, with computers, the extent and impact have grown.
Diverse Privacy Topics (cont.) What We Do Ourselves: Personal information in blogs and online profiles Pictures of ourselves and our families File sharing and storing Is privacy old-fashioned? Young people put less value on privacy than previous generations May not understand the risks
Diverse Privacy Topics (cont.) Public Records: Access vs. Privacy: Public Records - records available to general public (bankruptcy, property, and arrest records, salaries of government employees, etc.) Identity theft can arise when public records are accessed How should we control access to sensitive public records?
Diverse Privacy Topics (cont.) National ID System: Social Security Numbers Too widely used Easy to falsify
Diverse Privacy Topics (cont.) National ID System (Cont.): A new national ID system - Pros would require the card harder to forge have to carry only one card A new national ID system - Cons Threat to freedom and privacy Increased potential for abuse
Diverse Privacy Topics (cont.) Children: The Internet Not able to make decisions on when to provide information Vulnerable to online predators Parental monitoring Software to monitor Web usage Web cams to monitor children while parents are at work GPS tracking via cell phones or RFID
Protecting Privacy Technology and Markets: Privacy enhancing-technologies for consumers Encryption Public-key cryptography Business tools and policies for protecting data
Protecting Privacy (cont.) Rights and laws: Contrasting Viewpoints (cont.): Consumer Protection View Uses of personal information Costly and disruptive results of errors in databases Ease with which personal information leaks out Consumers need protection from their own lack of knowledge, judgment, or interest
Communication Wiretapping and E-mail Protection: Telephone 1934 Communications Act prohibited interception of messages 1968 Omnibus Crime Control and Safe Streets Act allowed wiretapping and electronic surveillance by law-enforcement (with court order) E-mail and other new communications Electronic Communications Privacy Act of 1986 (ECPA) extended the 1968 wiretapping laws to include electronic communications, restricts government access to e-mail The meaning of pen register has changed over time. It originally referred to a device that recorded the numbers called from a phone. Now it also refers to logs phone companies keep of all numbers called, including time and duration.
Communication (cont.) Encryption Policy: Government ban on export of strong encryption software in the 1990s (removed in 2000)